PyPI - dissect.target - Versions diffs - 3.20.dev39__py3-none-any.whl → 3.20.dev41__py3-none-any.whl - Mend

dissect.target 3.20.dev39py3-none-any.whl → 3.20.dev41py3-none-any.whl

Files changed (14) hide show

dissect/target/helpers/data/windowsZones.xml CHANGED Viewed

@@ -5,8 +5,9 @@ Copyright © 1991-2013 Unicode, Inc.
 CLDR data files are interpreted according to the LDML specification (http://unicode.org/reports/tr35/)
 For terms of use, see http://www.unicode.org/copyright.html
-NOTE: This file should be updated every ~6 months.
-Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/windowsZones.xml
+NOTE:       This file should be updated every ~6 months.
+Updated at: 2024-10-28
+Source:     https://github.com/unicode-org/cldr/blob/main/common/supplemental/windowsZones.xml
 -->
 <supplementalData>
@@ -33,7 +34,6 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<mapZone other="Hawaiian Standard Time" territory="001" type="Pacific/Honolulu"/>
 			<mapZone other="Hawaiian Standard Time" territory="CK" type="Pacific/Rarotonga"/>
 			<mapZone other="Hawaiian Standard Time" territory="PF" type="Pacific/Tahiti"/>
-			<mapZone other="Hawaiian Standard Time" territory="UM" type="Pacific/Johnston"/>
 			<mapZone other="Hawaiian Standard Time" territory="US" type="Pacific/Honolulu"/>
 			<mapZone other="Hawaiian Standard Time" territory="ZZ" type="Etc/GMT+10"/>
@@ -52,7 +52,7 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<!-- (UTC-08:00) Baja California -->
 			<mapZone other="Pacific Standard Time (Mexico)" territory="001" type="America/Tijuana"/>
-			<mapZone other="Pacific Standard Time (Mexico)" territory="MX" type="America/Tijuana America/Santa_Isabel"/>
+			<mapZone other="Pacific Standard Time (Mexico)" territory="MX" type="America/Tijuana"/>
 			<!-- (UTC-08:00) Coordinated Universal Time-08 -->
 			<mapZone other="UTC-08" territory="001" type="Etc/GMT+8"/>
@@ -63,7 +63,6 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<mapZone other="Pacific Standard Time" territory="001" type="America/Los_Angeles"/>
 			<mapZone other="Pacific Standard Time" territory="CA" type="America/Vancouver"/>
 			<mapZone other="Pacific Standard Time" territory="US" type="America/Los_Angeles"/>
-			<mapZone other="Pacific Standard Time" territory="ZZ" type="PST8PDT"/>
 			<!-- (UTC-07:00) Arizona -->
 			<mapZone other="US Mountain Standard Time" territory="001" type="America/Phoenix"/>
@@ -73,15 +72,14 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<mapZone other="US Mountain Standard Time" territory="ZZ" type="Etc/GMT+7"/>
 			<!-- (UTC-07:00) Chihuahua, La Paz, Mazatlan -->
-			<mapZone other="Mountain Standard Time (Mexico)" territory="001" type="America/Chihuahua"/>
-			<mapZone other="Mountain Standard Time (Mexico)" territory="MX" type="America/Chihuahua America/Mazatlan"/>
+			<mapZone other="Mountain Standard Time (Mexico)" territory="001" type="America/Mazatlan"/>
+			<mapZone other="Mountain Standard Time (Mexico)" territory="MX" type="America/Mazatlan"/>
 			<!-- (UTC-07:00) Mountain Time (US & Canada) -->
 			<mapZone other="Mountain Standard Time" territory="001" type="America/Denver"/>
-			<mapZone other="Mountain Standard Time" territory="CA" type="America/Edmonton America/Cambridge_Bay America/Inuvik America/Yellowknife"/>
-			<mapZone other="Mountain Standard Time" territory="MX" type="America/Ojinaga"/>
+			<mapZone other="Mountain Standard Time" territory="CA" type="America/Edmonton America/Cambridge_Bay America/Inuvik"/>
+			<mapZone other="Mountain Standard Time" territory="MX" type="America/Ciudad_Juarez"/>
 			<mapZone other="Mountain Standard Time" territory="US" type="America/Denver America/Boise"/>
-			<mapZone other="Mountain Standard Time" territory="ZZ" type="MST7MDT"/>
 			<!-- (UTC-07:00) Yukon -->
 			<mapZone other="Yukon Standard Time" territory="001" type="America/Whitehorse"/>
@@ -100,10 +98,9 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<!-- (UTC-06:00) Central Time (US & Canada) -->
 			<mapZone other="Central Standard Time" territory="001" type="America/Chicago"/>
-			<mapZone other="Central Standard Time" territory="CA" type="America/Winnipeg America/Rainy_River America/Rankin_Inlet America/Resolute"/>
-			<mapZone other="Central Standard Time" territory="MX" type="America/Matamoros"/>
+			<mapZone other="Central Standard Time" territory="CA" type="America/Winnipeg America/Rankin_Inlet America/Resolute"/>
+			<mapZone other="Central Standard Time" territory="MX" type="America/Matamoros America/Ojinaga"/>
 			<mapZone other="Central Standard Time" territory="US" type="America/Chicago America/Indiana/Knox America/Indiana/Tell_City America/Menominee America/North_Dakota/Beulah America/North_Dakota/Center America/North_Dakota/New_Salem"/>
-			<mapZone other="Central Standard Time" territory="ZZ" type="CST6CDT"/>
 			<!-- (UTC-06:00) Easter Island -->
 			<mapZone other="Easter Island Standard Time" territory="001" type="Pacific/Easter"/>
@@ -111,7 +108,7 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<!-- (UTC-06:00) Guadalajara, Mexico City, Monterrey -->
 			<mapZone other="Central Standard Time (Mexico)" territory="001" type="America/Mexico_City"/>
-			<mapZone other="Central Standard Time (Mexico)" territory="MX" type="America/Mexico_City America/Bahia_Banderas America/Merida America/Monterrey"/>
+			<mapZone other="Central Standard Time (Mexico)" territory="MX" type="America/Mexico_City America/Bahia_Banderas America/Merida America/Monterrey America/Chihuahua "/>
 			<!-- (UTC-06:00) Saskatchewan -->
 			<mapZone other="Canada Central Standard Time" territory="001" type="America/Regina"/>
@@ -136,9 +133,8 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<!-- (UTC-05:00) Eastern Time (US & Canada) -->
 			<mapZone other="Eastern Standard Time" territory="001" type="America/New_York"/>
 			<mapZone other="Eastern Standard Time" territory="BS" type="America/Nassau"/>
-			<mapZone other="Eastern Standard Time" territory="CA" type="America/Toronto America/Iqaluit America/Montreal America/Nipigon America/Pangnirtung America/Thunder_Bay"/>
+			<mapZone other="Eastern Standard Time" territory="CA" type="America/Toronto America/Iqaluit"/>
 			<mapZone other="Eastern Standard Time" territory="US" type="America/New_York America/Detroit America/Indiana/Petersburg America/Indiana/Vincennes America/Indiana/Winamac America/Kentucky/Monticello America/Louisville"/>
-			<mapZone other="Eastern Standard Time" territory="ZZ" type="EST5EDT"/>
 			<!-- (UTC-05:00) Haiti -->
 			<mapZone other="Haiti Standard Time" territory="001" type="America/Port-au-Prince"/>
@@ -424,7 +420,7 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<mapZone other="FLE Standard Time" territory="FI" type="Europe/Helsinki"/>
 			<mapZone other="FLE Standard Time" territory="LT" type="Europe/Vilnius"/>
 			<mapZone other="FLE Standard Time" territory="LV" type="Europe/Riga"/>
-			<mapZone other="FLE Standard Time" territory="UA" type="Europe/Kiev Europe/Uzhgorod Europe/Zaporozhye"/>
+			<mapZone other="FLE Standard Time" territory="UA" type="Europe/Kiev"/>
 			<!-- (UTC+02:00) Jerusalem -->
 			<mapZone other="Israel Standard Time" territory="001" type="Asia/Jerusalem"/>
@@ -541,7 +537,8 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<!-- (UTC+05:00) Ashgabat, Tashkent -->
 			<mapZone other="West Asia Standard Time" territory="001" type="Asia/Tashkent"/>
 			<mapZone other="West Asia Standard Time" territory="AQ" type="Antarctica/Mawson"/>
-			<mapZone other="West Asia Standard Time" territory="KZ" type="Asia/Oral Asia/Aqtau Asia/Aqtobe Asia/Atyrau"/>
+			<!-- Microsoft may create a new zone dedicated for Almaty and Qostanay. -->
+			<mapZone other="West Asia Standard Time" territory="KZ" type="Asia/Oral Asia/Almaty Asia/Aqtau Asia/Aqtobe Asia/Atyrau Asia/Qostanay"/>
 			<mapZone other="West Asia Standard Time" territory="MV" type="Indian/Maldives"/>
 			<mapZone other="West Asia Standard Time" territory="TF" type="Indian/Kerguelen"/>
 			<mapZone other="West Asia Standard Time" territory="TJ" type="Asia/Dushanbe"/>
@@ -573,13 +570,12 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<mapZone other="Nepal Standard Time" territory="001" type="Asia/Katmandu"/>
 			<mapZone other="Nepal Standard Time" territory="NP" type="Asia/Katmandu"/>
-			<!-- (UTC+06:00) Astana -->
-			<mapZone other="Central Asia Standard Time" territory="001" type="Asia/Almaty"/>
+			<!-- (UTC+06:00) Astana --> <!-- Microsoft probably keeps Central Asia Standard Time, but change Astana to something else. -->
+			<mapZone other="Central Asia Standard Time" territory="001" type="Asia/Bishkek"/>
 			<mapZone other="Central Asia Standard Time" territory="AQ" type="Antarctica/Vostok"/>
 			<mapZone other="Central Asia Standard Time" territory="CN" type="Asia/Urumqi"/>
 			<mapZone other="Central Asia Standard Time" territory="IO" type="Indian/Chagos"/>
 			<mapZone other="Central Asia Standard Time" territory="KG" type="Asia/Bishkek"/>
-			<mapZone other="Central Asia Standard Time" territory="KZ" type="Asia/Almaty Asia/Qostanay"/>
 			<mapZone other="Central Asia Standard Time" territory="ZZ" type="Etc/GMT-6"/>
 			<!-- (UTC+06:00) Dhaka -->
@@ -656,7 +652,7 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<!-- (UTC+08:00) Ulaanbaatar -->
 			<mapZone other="Ulaanbaatar Standard Time" territory="001" type="Asia/Ulaanbaatar"/>
-			<mapZone other="Ulaanbaatar Standard Time" territory="MN" type="Asia/Ulaanbaatar Asia/Choibalsan"/>
+			<mapZone other="Ulaanbaatar Standard Time" territory="MN" type="Asia/Ulaanbaatar"/>
 			<!-- (UTC+08:45) Eucla -->
 			<mapZone other="Aus Central W. Standard Time" territory="001" type="Australia/Eucla"/>
@@ -713,7 +709,7 @@ Source: https://github.com/unicode-org/cldr/blob/main/common/supplemental/window
 			<!-- (UTC+10:00) Hobart -->
 			<mapZone other="Tasmania Standard Time" territory="001" type="Australia/Hobart"/>
-			<mapZone other="Tasmania Standard Time" territory="AU" type="Australia/Hobart Australia/Currie Antarctica/Macquarie"/>
+			<mapZone other="Tasmania Standard Time" territory="AU" type="Australia/Hobart Antarctica/Macquarie"/>
 			<!-- (UTC+10:00) Vladivostok -->
 			<mapZone other="Vladivostok Standard Time" territory="001" type="Asia/Vladivostok"/>

dissect/target/helpers/record.py CHANGED Viewed

@@ -185,3 +185,24 @@ MacInterfaceRecord = TargetRecordDescriptor(
         ("boolean", "dhcp"),
     ],
 )
+COMMON_APPLICATION_FIELDS = [
+    ("datetime", "ts_modified"),
+    ("datetime", "ts_installed"),
+    ("string", "name"),
+    ("string", "version"),
+    ("string", "author"),
+    ("string", "type"),
+    ("path", "path"),
+]
+UnixApplicationRecord = TargetRecordDescriptor(
+    "unix/application",
+    COMMON_APPLICATION_FIELDS,
+)
+WindowsApplicationRecord = TargetRecordDescriptor(
+    "windows/application",
+    COMMON_APPLICATION_FIELDS,
+)

dissect/target/helpers/regutil.py CHANGED Viewed

@@ -310,6 +310,7 @@ class VirtualKey(RegistryKey):
         self._class_name = class_name
         self._values: dict[str, RegistryValue] = {}
         self._subkeys: dict[str, RegistryKey] = {}
+        self._timestamp: datetime = None
         self.top: RegistryKey = None
         super().__init__(hive=hive)
@@ -339,11 +340,19 @@ class VirtualKey(RegistryKey):
         return self._path
     @property
-    def timestamp(self) -> datetime:
+    def timestamp(self) -> datetime | None:
         if self.top:
             return self.top.timestamp
+        if self._timestamp:
+            return self._timestamp
         return None
+    @timestamp.setter
+    def timestamp(self, ts: datetime) -> None:
+        self._timestamp = ts
     def subkey(self, subkey: str) -> RegistryKey:
         try:
             return self._subkeys[subkey.lower()]

dissect/target/plugins/os/unix/applications.py ADDED Viewed

@@ -0,0 +1,78 @@
+from typing import Iterator
+from dissect.target.exceptions import UnsupportedPluginError
+from dissect.target.helpers import configutil
+from dissect.target.helpers.fsutil import TargetPath
+from dissect.target.helpers.record import UnixApplicationRecord
+from dissect.target.plugin import Plugin, export
+from dissect.target.target import Target
+class UnixApplicationsPlugin(Plugin):
+    """Unix Applications plugin."""
+    SYSTEM_PATHS = [
+        "/usr/share/applications/",
+        "/usr/local/share/applications/",
+        "/var/lib/snapd/desktop/applications/",
+        "/var/lib/flatpak/exports/share/applications/",
+    ]
+    USER_PATHS = [
+        ".local/share/applications/",
+    ]
+    SYSTEM_APPS = ("org.gnome.",)
+    def __init__(self, target: Target):
+        super().__init__(target)
+        self.desktop_files = list(self._find_desktop_files())
+    def _find_desktop_files(self) -> Iterator[TargetPath]:
+        for dir in self.SYSTEM_PATHS:
+            for file in self.target.fs.path(dir).glob("*.desktop"):
+                yield file
+        for user_details in self.target.user_details.all_with_home():
+            for dir in self.USER_PATHS:
+                for file in user_details.home_path.joinpath(dir).glob("*.desktop"):
+                    yield file
+    def check_compatible(self) -> None:
+        if not self.desktop_files:
+            raise UnsupportedPluginError("No application .desktop files found")
+    @export(record=UnixApplicationRecord)
+    def applications(self) -> Iterator[UnixApplicationRecord]:
+        """Yield installed Unix GUI applications from GNOME and XFCE.
+        Resources:
+            - https://wiki.archlinux.org/title/Desktop_entries
+            - https://specifications.freedesktop.org/desktop-entry-spec/latest/
+            - https://unix.stackexchange.com/questions/582928/where-gnome-apps-are-installed
+        Yields ``UnixApplicationRecord`` records with the following fields:
+        .. code-block:: text
+            ts_modified  (datetime): timestamp when the installation was modified
+            ts_installed (datetime): timestamp when the application was installed on the system
+            name         (string):   name of the application
+            version      (string):   version of the application
+            author       (string):   author of the application
+            type         (string):   type of the application, either user or system
+            path         (string):   path to the desktop file entry of the application
+        """
+        for file in self.desktop_files:
+            config = configutil.parse(file, hint="ini").get("Desktop Entry") or {}
+            stat = file.lstat()
+            yield UnixApplicationRecord(
+                ts_modified=stat.st_mtime,
+                ts_installed=stat.st_btime if hasattr(stat, "st_btime") else None,
+                name=config.get("Name"),
+                version=config.get("Version"),
+                path=config.get("Exec"),
+                type="system" if config.get("Icon", "").startswith(self.SYSTEM_APPS) else "user",
+                _target=self.target,
+            )

dissect/target/plugins/os/unix/linux/debian/snap.py ADDED Viewed

@@ -0,0 +1,79 @@
+from typing import Iterator
+from dissect.target.exceptions import UnsupportedPluginError
+from dissect.target.filesystems.squashfs import SquashFSFilesystem
+from dissect.target.helpers import configutil
+from dissect.target.helpers.fsutil import TargetPath
+from dissect.target.helpers.record import UnixApplicationRecord
+from dissect.target.plugin import Plugin, alias, export
+from dissect.target.target import Target
+class SnapPlugin(Plugin):
+    """Canonical Linux Snapcraft plugin."""
+    PATHS = [
+        "/var/lib/snapd/snaps",
+    ]
+    def __init__(self, target: Target):
+        super().__init__(target)
+        self.installs = list(self._find_installs())
+    def check_compatible(self) -> None:
+        if not configutil.HAS_YAML:
+            raise UnsupportedPluginError("Missing required dependency ruamel.yaml")
+        if not self.installs:
+            raise UnsupportedPluginError("No snapd install folder(s) found")
+    def _find_installs(self) -> Iterator[TargetPath]:
+        for str_path in self.PATHS:
+            if (path := self.target.fs.path(str_path)).exists():
+                yield path
+    @export(record=UnixApplicationRecord)
+    @alias("snaps")
+    def snap(self) -> Iterator[UnixApplicationRecord]:
+        """Yields installed Canonical Linux Snapcraft (snaps) applications on the target system.
+        Reads information from installed SquashFS ``*.snap`` files found in ``/var/lib/snapd/snaps``.
+        Logs of the ``snapd`` daemon can be parsed using the ``journal`` or ``syslog`` plugins.
+        Resources:
+            - https://github.com/canonical/snapcraft
+            - https://en.wikipedia.org/wiki/Snap_(software)
+        Yields ``UnixApplicationRecord`` records with the following fields:
+        .. code-block:: text
+            ts_modified  (datetime): timestamp when the installation was modified
+            name         (string):   name of the application
+            version      (string):   version of the application
+            path         (string):   path to the application snap file
+        """
+        for install_path in self.installs:
+            for snap in install_path.glob("*.snap"):
+                try:
+                    squashfs = SquashFSFilesystem(snap.open())
+                except (ValueError, NotImplementedError) as e:
+                    self.target.log.warning("Unable to open snap file %s", snap)
+                    self.target.log.debug("", exc_info=e)
+                    continue
+                if not (meta := squashfs.path("meta/snap.yaml")).exists():
+                    self.target.log.warning("Snap %s has no meta/snap.yaml file")
+                    continue
+                meta_data = configutil.parse(meta, hint="yaml")
+                yield UnixApplicationRecord(
+                    ts_modified=meta.lstat().st_mtime,
+                    name=meta_data.get("name"),
+                    version=meta_data.get("version"),
+                    path=snap,
+                    _target=self.target,
+                )

dissect/target/plugins/os/unix/packagemanager.py CHANGED Viewed

@@ -6,7 +6,7 @@ from dissect.target.helpers.record import TargetRecordDescriptor
 from dissect.target.plugin import NamespacePlugin
 PackageManagerLogRecord = TargetRecordDescriptor(
-    "unix/log/packagemanager",
+    "unix/packagemanager/log",
     [
         ("datetime", "ts"),
         ("string", "package_manager"),

dissect/target/plugins/os/windows/regf/applications.py ADDED Viewed

@@ -0,0 +1,62 @@
+from datetime import datetime
+from typing import Iterator
+from dissect.target.exceptions import UnsupportedPluginError
+from dissect.target.helpers.record import WindowsApplicationRecord
+from dissect.target.plugin import Plugin, export
+from dissect.target.target import Target
+class WindowsApplicationsPlugin(Plugin):
+    """Windows Applications plugin."""
+    def __init__(self, target: Target):
+        super().__init__(target)
+        self.keys = list(self.target.registry.keys("HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"))
+    def check_compatible(self) -> None:
+        if not self.target.has_function("registry"):
+            raise UnsupportedPluginError("No Windows registry found")
+        if not self.keys:
+            raise UnsupportedPluginError("No 'Uninstall' registry keys found")
+    @export(record=WindowsApplicationRecord)
+    def applications(self) -> Iterator[WindowsApplicationRecord]:
+        """Yields currently installed applications from the Windows registry.
+        Use the Windows eventlog plugin (``evtx``, ``evt``) to parse install and uninstall events
+        of applications and services (e.g. ``4697``, ``110707``, ``1034`` and ``11724``).
+        Resources:
+            - https://learn.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key
+        Yields ``WindowsApplicationRecord`` records with the following fields:
+        .. code-block:: text
+            ts_modified  (datetime): timestamp when the installation was modified according to the registry
+            ts_installed (datetime): timestamp when the application was installed according to the application
+            name         (string):   name of the application
+            version      (string):   version of the application
+            author       (string):   author of the application
+            type         (string):   type of the application, either user or system
+            path         (string):   path to the installed location or installer of the application
+        """
+        for uninstall in self.keys:
+            for app in uninstall.subkeys():
+                values = {value.name: value.value for value in app.values()}
+                if install_date := values.get("InstallDate"):
+                    install_date = datetime.strptime(install_date, "%Y%m%d")
+                yield WindowsApplicationRecord(
+                    ts_modified=app.ts,
+                    ts_installed=install_date,
+                    name=values.get("DisplayName") or app.name,
+                    version=values.get("DisplayVersion"),
+                    author=values.get("Publisher"),
+                    type="system" if values.get("SystemComponent") or not values else "user",
+                    path=values.get("DisplayIcon") or values.get("InstallLocation") or values.get("InstallSource"),
+                    _target=self.target,
+                )

{dissect.target-3.20.dev39.dist-info → dissect.target-3.20.dev41.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.20.dev39
+Version: 3.20.dev41
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.20.dev39.dist-info → dissect.target-3.20.dev41.dist-info}/RECORD RENAMED Viewed

@@ -60,9 +60,9 @@ dissect/target/helpers/mount.py,sha256=7Y4B0uY2c00p23hmuMKSgwAwxkKcY4spyAMO1kdcV
 dissect/target/helpers/mui.py,sha256=i-7XoHbu4WO2fYapK9yGAMW04rFlgRispknc1KQIS5Q,22258
 dissect/target/helpers/polypath.py,sha256=h8p7m_OCNiQljGwoZh5Aflr9H2ot6CZr6WKq1OSw58o,2175
 dissect/target/helpers/protobuf.py,sha256=b4DsnqrRLrefcDjx7rQno-_LBcwtJXxuKf5RdOegzfE,1537
-dissect/target/helpers/record.py,sha256=7Se6ZV8cvwEaGSjRd9bKhVnUAn4W4KR2eqP6AbQhTH4,5892
+dissect/target/helpers/record.py,sha256=TxG1lwW5N0V-7kuq4s2vnQh-hAbT7rVwwZLf4sIDNjM,6334
 dissect/target/helpers/record_modifier.py,sha256=cRNDhUYMmx4iEKyEr5Pqy9xiFgxr_GBNJPp_omkQsEU,4094
-dissect/target/helpers/regutil.py,sha256=ti-ht2N9UxbMjhUBP2bybY76_dAvbCz0txPBszvSKVw,28171
+dissect/target/helpers/regutil.py,sha256=dnmpceitwTeS-9L8HU_HG5OXMzCcH58o8uhj5olDWyg,28383
 dissect/target/helpers/shell_application_ids.py,sha256=hYxrP-YtHK7ZM0ectJFHfoMB8QUXLbYNKmKXMWLZRlA,38132
 dissect/target/helpers/shell_folder_ids.py,sha256=Behhb8oh0kMxrEk6YYKYigCDZe8Hw5QS6iK_d2hTs2Y,24978
 dissect/target/helpers/utils.py,sha256=K3xVq9D0FwIhTBAuiWN8ph7Pq2GABgG3hOz-3AmKuEA,4244
@@ -72,7 +72,7 @@ dissect/target/helpers/compat/path_311.py,sha256=2aydxCMWu1pN8PTBCo8HUbHRMC1xO-h
 dissect/target/helpers/compat/path_312.py,sha256=oYa9SzcUI6FZmayQSy-HHPiIdPk5FX0XAQjnjGLsjCc,15223
 dissect/target/helpers/compat/path_39.py,sha256=FIyZ3sb-XQhJnm02jVdOc6ncjCWa9OVxlCb_yap8A1o,18638
 dissect/target/helpers/compat/path_common.py,sha256=mwUUnCMhrhsO5eMqV_XxCBA4ZxVZov0PpWgy_umGhBk,7763
-dissect/target/helpers/data/windowsZones.xml,sha256=4OijeR7oxI0ZwPTSwCkmtcofOsUCjSnbZ4dQxVOM_4o,50005
+dissect/target/helpers/data/windowsZones.xml,sha256=UJYMLQMvX3Kjg-BHzwAiOTXDDFO2d1C2v4DSrbkYYK0,49586
 dissect/target/loaders/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/loaders/ab.py,sha256=iwj1LHe_-VaBmj6d-nKrvim1UvrJ-nzp2LlgCFlOuUk,9484
 dissect/target/loaders/ad1.py,sha256=1_VmPZckDzXVvNF-HNtoUZqabnhCKBLUD3vVaitHQ00,571
@@ -195,12 +195,13 @@ dissect/target/plugins/general/users.py,sha256=yy9gvRXfN9BT71v4Xqo5hpwfgN9he9Otu
 dissect/target/plugins/os/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/unix/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/unix/_os.py,sha256=I-waC7Hn9rMJRI2JUDreLnU_LS54Zj3hix7BfJLV-xg,14651
+dissect/target/plugins/os/unix/applications.py,sha256=AUgZRP35FzswGyFyChj2o4dfGO34Amc6nqHgiMEaqdI,3129
 dissect/target/plugins/os/unix/cronjobs.py,sha256=tgWQ3BUZpfyvRzodMwGtwFUdPjZ17k7ZRbZ9Q8wmXPk,3393
 dissect/target/plugins/os/unix/datetime.py,sha256=gKfBdPyUirt3qmVYfOJ1oZXRPn8wRzssbZxR_ARrtk8,1518
 dissect/target/plugins/os/unix/generic.py,sha256=qC4zQiqpm8ilc-d1ITsccOQbbUUM8HylWB4dsFKJjAw,2171
 dissect/target/plugins/os/unix/history.py,sha256=95EXJrD5ko7iFLsYhAwvR-2wDbVBSNsyXsfZKEWMJq8,6533
 dissect/target/plugins/os/unix/locale.py,sha256=l42abqG1nGk90SDRt1DmkvqPvO5L-1GtaEwg6dj89qI,4323
-dissect/target/plugins/os/unix/packagemanager.py,sha256=XKKJuJ1p9mEQ4TGW7SEwcj1rg8fPp2aWIhnt_0i8Rhc,1279
+dissect/target/plugins/os/unix/packagemanager.py,sha256=xmisH9vMY7uR2d6lFVNuWrZrbVnKa6mYk6C3sbcLtlc,1279
 dissect/target/plugins/os/unix/shadow.py,sha256=TVQQcGhPFYV685ouqOagk4P1AsqAHseFN5lWYHPf3tI,4172
 dissect/target/plugins/os/unix/trash.py,sha256=Z-1r5VQorLauj_85TgURRLQI7ns1Q1N_922Vq8q_v18,6106
 dissect/target/plugins/os/unix/bsd/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -240,6 +241,7 @@ dissect/target/plugins/os/unix/linux/debian/__init__.py,sha256=47DEQpj8HBSa-_TIm
 dissect/target/plugins/os/unix/linux/debian/_os.py,sha256=GI19ZqcyfZ1mUYg2NCx93HkZje9MWMU8FYNKQv-G6go,498
 dissect/target/plugins/os/unix/linux/debian/apt.py,sha256=uKfW77pbgxYSe9g6hpih19-xfgvCB954Ygx21j-ydzk,4388
 dissect/target/plugins/os/unix/linux/debian/dpkg.py,sha256=6A3mb77NREdDWDTFrmcfCF_XxHMmD4_5eHqHEl_7Vqg,5816
+dissect/target/plugins/os/unix/linux/debian/snap.py,sha256=YVz1N54eQsj2_22LUJIj6Gg-huwT4xDEcOAZn9Tvgw4,3023
 dissect/target/plugins/os/unix/linux/debian/vyos/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/unix/linux/debian/vyos/_os.py,sha256=TPjcfv1n68RCe3Er4aCVQwQDCZwJT-NLvje3kPjDfhk,1744
 dissect/target/plugins/os/unix/linux/fortios/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -324,6 +326,7 @@ dissect/target/plugins/os/windows/log/pfro.py,sha256=d53Mm7ovZa9crSwVRPwjMVxTd_j
 dissect/target/plugins/os/windows/log/schedlgu.py,sha256=JaP8H8eTEypWXhx2aFSR_IMam6rQiksbLKhMr_U4fz8,5570
 dissect/target/plugins/os/windows/regf/7zip.py,sha256=Ox8cLyQtbyYQS7m4eY3onNv1K8N2IkS5wexrC55Urd4,3444
 dissect/target/plugins/os/windows/regf/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+dissect/target/plugins/os/windows/regf/applications.py,sha256=AZwaLXsVmqMjoZYI3dhYLvJL_8s1k1aRjSgjvqC2AxI,2898
 dissect/target/plugins/os/windows/regf/appxdebugkeys.py,sha256=X8MYLcD76pIZoIWwS_DgUp6q6pi2WO7jhZeoc4uGLak,3966
 dissect/target/plugins/os/windows/regf/auditpol.py,sha256=vTqWw0_vu9p_emWC8FuYcYQpOXhEFQQDLV0K6-18i9c,5208
 dissect/target/plugins/os/windows/regf/bam.py,sha256=jJ0i-82uteBU0hPgs81f8NV8NCeRtIklK82Me2S_ro0,2131
@@ -370,10 +373,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.20.dev39.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.20.dev39.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.20.dev39.dist-info/METADATA,sha256=kytETAlhT5qsu2qAkum-3O6NZxRkd7N0Ytx-GwcMqCE,12897
-dissect.target-3.20.dev39.dist-info/WHEEL,sha256=OVMc5UfuAQiSplgO0_WdW7vXVGAt9Hdd6qtN4HotdyA,91
-dissect.target-3.20.dev39.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
-dissect.target-3.20.dev39.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.20.dev39.dist-info/RECORD,,
+dissect.target-3.20.dev41.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.20.dev41.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.20.dev41.dist-info/METADATA,sha256=L31RLE9aRvflCgG4WQ89JHQgFlD-1TbAlxgnXJFtY4U,12897
+dissect.target-3.20.dev41.dist-info/WHEEL,sha256=P9jw-gEje8ByB7_hXoICnHtVCrEwMQh-630tKvQWehc,91
+dissect.target-3.20.dev41.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
+dissect.target-3.20.dev41.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.20.dev41.dist-info/RECORD,,

{dissect.target-3.20.dev39.dist-info → dissect.target-3.20.dev41.dist-info}/WHEEL RENAMED Viewed

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (75.2.0)
+Generator: setuptools (75.3.0)
 Root-Is-Purelib: true
 Tag: py3-none-any

{dissect.target-3.20.dev39.dist-info → dissect.target-3.20.dev41.dist-info}/COPYRIGHT RENAMED Viewed

File without changes

{dissect.target-3.20.dev39.dist-info → dissect.target-3.20.dev41.dist-info}/LICENSE RENAMED Viewed

File without changes

{dissect.target-3.20.dev39.dist-info → dissect.target-3.20.dev41.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{dissect.target-3.20.dev39.dist-info → dissect.target-3.20.dev41.dist-info}/top_level.txt RENAMED Viewed

File without changes

dissect.target 3.20.dev39__py3-none-any.whl → 3.20.dev41__py3-none-any.whl

dissect.target 3.20.dev39py3-none-any.whl → 3.20.dev41py3-none-any.whl